Block Messaging Services

Hewlett-packard / Hp pavilion dv5 notebook...
March 12, 2009 at 02:32:48
Specs: Windows XP SP3, 1.9 GHz / 2812 MB
I run a small business and I would like to block people from running services such as AIM, Yahoo and MSN Messenger. I was told I could do this by blocking ports on my router's firewall. However, exactly which ports should I block for the services?

This is a challenge posting by CNChallenger.

See More: Block Messaging Services

Report •

March 12, 2009 at 07:18:04
The ports can be researched on google. (example search would be "aim port" or "msn port") It might take a little monkeying around to find the correct port numbers, but it can be done.

If you have the budget, you could purchase a QoS device. Most of them come with certain things preconfigured, like msn, aim etc, and all you'd have to do is tell it to shut those down and they'd no longer be useful.

Do understand you will ruffle feathers doing this. I think your best bet is to first of all get into discussion with the big boss, CEO or owner of the company. Create a "appropriate use" policy to pertain to company equipment (computers, laptops etc) and the companies network itself. Publish this, have all employee's read it and sign off that they have read it and understand it.

Then deploy whatever security you deem necessary.

You have to know up front that people will try to ignore your security measures or worse yet, circumvent them. Fire (quite publicly so all staff know about it) the first offender you catch and the rest should (grudgingly) toe the line.

It never ceases to amaze me how people will go to work and logon to the company computer/laptop and think it belongs to them and they have the right to do whatever they please with it.

The equipment and network all belong to the company and are the companies property and that gives the company every right to say how they can be used......period.

If the employees don't like it, there's a door and nothing in the world stopping them from quitting their job and walking out that door.

Report •

March 12, 2009 at 14:23:15
I suggest that there is no reason to allow business computers access to the web at all. Set an old junky computer for people to have access to the web and don't let flash drives move across.

Since no one will do that....

Use router's documentation to use any and all of the features it allows.

Many routers can block by various means. IP, Port and even application can be chosen depending on model.

Most routers are accessed by a web based config. You use browser to either ip or unique name and log in.

Setting the settings too strict isn't too bad. It is much better than not or too little.

I'd start with only allowing port 80 and see who complains.

"Best Practices", Event viewer, host file, perfmon, antivirus, anti-spyware, Live CD's, backups, are in my top 10

Report •

Related Solutions

Ask Question